Sensor Fusion Enhances Anomaly Detection in a Flood Forecasting System; The Ethics of Kernel Access: Reassessing Responsibility in the CrowdStrike Outage of 2024
Ma, Andrew, School of Engineering and Applied Science, University of Virginia
Nguyen, Rich, EN-Comp Science Dept, University of Virginia
Laugelli, Benjamin, EN-Engineering and Society, University of Virginia
My technical capstone and my STS research projects are loosely related. In my STS research project, I explored the CrowdStrike outage of July 2024, which was caused by a faulty update being pushed to all Windows devices. In my technical capstone, I explored utilizing sensor fusion and anomaly detection to verify real-world Internet of Things (IoT) devices for Floodwatch. These two projects are related because they address situations where software failure would cause some sort of issue. In my STS research project, I analyze the steps taken during and after the outage, while in my technical capstone, I explore a detection method to detect and address sensor data failures. Overall, while my technical capstone and my STS research project are not closely related, they both touch on addressing and preventing software failures.
In my technical capstone, I explored a sensor fusion method to enhance anomaly detection in IoT devices for Floodwatch. Floodwatch is a smart city platform that utilizes IoT weather sensors and machine learning to predict and monitor floods. To ensure the quality of our flood predictions, the data sent by our weather sensors must be verified, which we do through anomaly detection. Since Floodwatch deploys several sensors within a city and weather is generally the same within a small area, anomaly detection can be enhanced by utilizing the readings of nearby sensors. Therefore, I engineered a system that utilizes sensor fusion (fusing data from one or more sensors) to enhance existing anomaly detection methods. This new method I proposed improves anomaly detection performance by 10.8%.
In my STS research paper, I use Kantian ethics and the Categorical Imperative to examine the events and actions before, during, and after the CrowdStrike Outage of 2024. The CrowdStrike Outage of 2024 occurred when CrowdStrike released a faulty update that caused millions of Windows devices worldwide to go offline. This outage affected healthcare, aviation, and several other sectors. While other scholars argue that CrowdStrike was ethically responsible for the outage, I use Kantian ethics to demonstrate that CrowdStrike’s actions were not unethical and that the true ethical culprit is Microsoft. Specifically, Microsoft’s decision to grant third-party applications kernel access (a sensitive privilege that can lead to total software failure) was unethical and the root ethical cause of the CrowdStrike Outage of 2024.
My two projects had little overlap, but I learned a lot from examining the CrowdStrike Outage of 2024 in my STS research project. Specifically, I have learned the importance of infrastructure-level decisions. Microsoft’s infrastructure decision to enable kernel access, while seemingly harmless, ended up causing a worldwide outage. In my software engineering career, I will always consider all possibilities when developing infrastructure. I will ensure this by not only double-checking any decisions I personally make, but also challenging decisions that my coworkers make, and not agreeing with them until they provide a strong explanation. Not doing so would be unethical, as I understand the importance of infrastructure-level decisions.
BS (Bachelor of Science)
anomaly detection, sensor fusion, crowdstrike, kernel access
School of Engineering and Applied Science
Bachelor of Science in Computer Science
Technical Advisor: Rich Nguyen
STS Advisor: Benjamin Laugelli
Technical Team Members: N/A
English
All rights reserved (no additional license for public reuse)
2025/05/06